/*
 * Java学习论坛
 * Copyright 2017 (C) All Rights Reserved.
 */
package cn.studyjava.verify.controller;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import cn.studyjava.verify.common.Const;
import cn.studyjava.verify.common.base.BaseAction;
import cn.studyjava.verify.common.enums.VerifyEnum;
import cn.studyjava.verify.common.result.JsonResult;
import cn.studyjava.verify.model.vo.AuthVO;
import cn.studyjava.verify.mybatis.entity.Auth;
import cn.studyjava.verify.service.IAuthService;
import cn.studyjava.verify.util.Md5Util;

/**
 * <p>
 * Description:
 * </p>
 * 
 * @author: zsljava
 * @version 1.0.0
 * <p>
 * History:
 * -----------------------------------------------
 * @Date: 2017年8月8日 下午2:14:11
 * @author: zsljava
 * @version 1.0.0
 * @OP: Create
 * -----------------------------------------------
 * </p>
 *
 * @since
 * @see
 */
@RestController
public class AuthController extends BaseAction{
	private Logger log = LoggerFactory.getLogger(AuthController.class);

	@Autowired
	private IAuthService authService;
	
	/**
	 * 客户端key的有效时间 （单位秒）
	 */
	private int keyLiveTime = 120;
	
	/**
	 * 
	 * @Title: auth
	 * @Description: signature 生成规则 MD5(authId_appKey_timestamp)
	 * @param authId
	 * @param appId
	 * @param timestamp
	 * @param signature
	 * @return
	 * @return: String
	 */
	@GetMapping(value = "/v1/auth/{authId}", produces="application/json;charset=UTF-8")
	public JsonResult<Object> auth(@PathVariable("authId") String authId,
			@RequestParam("appId") String appId, @RequestParam("timestamp") Long timestamp,
			@RequestParam("signature") String signature){
		log.debug("authId {}, appId {}, timestamp {}, signature {}", authId, appId, timestamp, signature);
		String authKey = authService.getAppKeyByAppId(appId);
		if(StringUtils.isEmpty(appId) || StringUtils.isEmpty(timestamp) || StringUtils.isEmpty(signature) || StringUtils.isEmpty(authId)){
			return buildFialJsonResult(VerifyEnum.VERIFY_AUTH_FAIL_PARAMS_IS_NULL);
		}
		
		Long ts = System.currentTimeMillis() / 1000;
		if((timestamp + keyLiveTime) >= ts){
			String sign = Md5Util.md532(appId.concat("_").concat(authKey).concat("_").concat(timestamp.toString()));
			if(sign.equals(signature)){
				Auth auth = authService.verify(authId, appId);
				// 验证信息不存在
				if(auth == null){ 
					return buildFialJsonResult(VerifyEnum.VERIFY_AUTH_NOT_EXIST);
				// 服务器验证状态为失败
				}else if(auth.getStatus() == Const.VERIFY_STATUS_FAIL){ 
					AuthVO at = new AuthVO();
					BeanUtils.copyProperties(auth, at);
					return buildFialJsonResult(VerifyEnum.VERIFY_AUTH_FAIL, at);
				// 服务器验证状态为成功
				}else if(auth.getStatus() == Const.VERIFY_STATUS_SUCCESS){ 
					AuthVO at = new AuthVO();
					BeanUtils.copyProperties(auth, at);
					return buildJsonResult(at.getStatus(), VerifyEnum.getEnumByCode(at.getReasonCode()), at);
				}
			}else{
				return buildFialJsonResult(VerifyEnum.VERIFY_AUTH_FAIL_SIGNATURE);
			}
		}
		
		return buildFialJsonResult(VerifyEnum.VERIFY_AUTH_FAIL_TIMEOUT);
	}
}
